FireEye Detection On Demand

FireEye Detection On Demand is a RESTful API service that provides access to FireEye's virtual execution engine for malware analysis. The service allows users to submit files and URLs for analysis, retrieve malware reports, and search for past analysis results using hash values. The API enables file submission for malware analysis through a POST endpoint. Users can retrieve analysis reports by connector and file ID, report ID, or by MD5/SHA256 hash values. The service provides hash lookup capabilities to check if files have been previously analyzed using MD5 or SHA256 hashes. Additional functionality includes artifact retrieval for specific reports, presigned URL generation for browser-viewable reports, and URL submission for analysis. The API includes health status monitoring for the service, subscription, and API key validation. A telemetry endpoint allows users to pull results metadata in batches. The service is designed for integration into existing security toolsets and workflows, providing programmatic access to FireEye's malware detection capabilities that are used in their Network Security, Email Security, and File Analysis products. The API follows RESTful principles and is accessible through the FireEye marketplace platform.